Vulnerability Details CVE-2023-45684
Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page in the CFEngine hub.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.8%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-45684
-
cpe:2.3:a:northern.tech:cfengine:-
-
cpe:2.3:a:northern.tech:cfengine:3.10.7
-
cpe:2.3:a:northern.tech:cfengine:3.12.1
-
cpe:2.3:a:northern.tech:cfengine:3.12.2
-
cpe:2.3:a:northern.tech:cfengine:3.12.3
-
cpe:2.3:a:northern.tech:cfengine:3.15.0
-
cpe:2.3:a:northern.tech:cfengine:3.15.2
-
cpe:2.3:a:northern.tech:cfengine:3.15.3
-
cpe:2.3:a:northern.tech:cfengine:3.15.4
-
cpe:2.3:a:northern.tech:cfengine:3.15.5
-
cpe:2.3:a:northern.tech:cfengine:3.16.0
-
cpe:2.3:a:northern.tech:cfengine:3.17.0
-
cpe:2.3:a:northern.tech:cfengine:3.18.0
-
cpe:2.3:a:northern.tech:cfengine:3.18.1
-
cpe:2.3:a:northern.tech:cfengine:3.21.1
-
cpe:2.3:a:northern.tech:cfengine:3.6.0
-
cpe:2.3:a:northern.tech:cfengine:3.7